)]}'
{
  "commit": "d034b2d8611041c6bd2b03c494dac8291c34d502",
  "tree": "34b63e42b2d3a4f5b3e3a43224642a279d71c11e",
  "parents": [
    "f2486371645533aba607ccf9cf8b94f2b170d467"
  ],
  "author": {
    "name": "Denis Kenzior",
    "email": "denkenz@gmail.com",
    "time": "Wed Sep 05 17:12:00 2018 +0100"
  },
  "committer": {
    "name": "David Howells",
    "email": "dhowells@redhat.com",
    "time": "Tue Oct 09 17:42:09 2018 +0100"
  },
  "message": "KEYS: asym_tpm: Add support for the sign operation\n\nThe sign operation can operate in a non-hashed mode by running the RSA\nsign operation directly on the input.  This assumes that the input is\nless than key_size_in_bytes - 11.  Since the TPM performs its own PKCS1\npadding, it isn\u0027t possible to support \u0027raw\u0027 mode, only \u0027pkcs1\u0027.\n\nAlternatively, a hashed version is also possible.  In this variant the\ninput is hashed (by userspace) via the selected hash function first.\nThen this implementation takes care of converting the hash to ASN.1\nformat and the sign operation is performed on the result.  This is\nsimilar to the implementation inside crypto/rsa-pkcs1pad.c.\n\nASN1 templates were copied from crypto/rsa-pkcs1pad.c.  There seems to\nbe no easy way to expose that functionality, but likely the templates\nshould be shared somehow.\n\nThe sign operation is implemented via TPM_Sign operation on the TPM.\nIt is assumed that the TPM wrapped key provided uses\nTPM_SS_RSASSAPKCS1v15_DER signature scheme.  This allows the TPM_Sign\noperation to work on data up to key_len_in_bytes - 11 bytes long.\n\nIn theory, we could also use TPM_Unbind instead of TPM_Sign, but we would\nhave to manually pkcs1 pad the digest first.\n\nSigned-off-by: Denis Kenzior \u003cdenkenz@gmail.com\u003e\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nTested-by: Marcel Holtmann \u003cmarcel@holtmann.org\u003e\nReviewed-by: Marcel Holtmann \u003cmarcel@holtmann.org\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "a5a5f913a74f351d67fa7e90a2afd751bee9d3c2",
      "old_mode": 33188,
      "old_path": "crypto/asymmetric_keys/asym_tpm.c",
      "new_id": "5d4c270463f6097a82954231ecf78a35192f1aee",
      "new_mode": 33188,
      "new_path": "crypto/asymmetric_keys/asym_tpm.c"
    }
  ]
}